SWIFT customer security program

Start adding items to your reading lists:
Save this item to:
This item has been saved to your reading list.

SWIFT's payment community suffered several of cyber-attacks and breaches in 2016, some stemming from third parties. 

While all SWIFT customers remain primarily responsible for protecting their own environments, SWIFT offers support in the fight against cyber-attacks. Through its customer security program (CSP), SWIFT has identified 16 mandatory and 11 optional security controls for its 11,000 customers worldwide. 

The deadline for SWIFT customers to submit their results is before the end of 2017.


SWIFT customer security program FAQs​

What is the SWIFT CSP?

SWIFT's customer security program (CSP) prevents and detects and aims to prevent fraudulent activity through a set of mandatory security controls, community-wide information sharing initiatives and enhanced security features on their products.

View more

When is the deadline for SWIFT CSP compliance?

Organizations must submit a self-attestation by end of December 2017, after which they are required to share their results against the controls baseline with the wider Financial services community beginning January 1, 2018. 

View more

What are the SWIFT CSP mandatory controls?

There are 16 mandatory controls focused on securing your environment, knowing and limiting access and detecting and responding 

View more

What happens in non-compliance cases?

SWIFT will randomly check network members and will report any non-compliant organisations to industry regulators such as the Financial Conduct Authority. 

View more

What happens if I suspect my organization has been targeted or breached?

Organizations must contact SWIFT as soon as possible and share all relevant information to protect other organizations in the network.

View more


How PwC can help

Cohesive team who understands SWIFT

We understand SWIFT like no other as we have been performing an annual review of SWIFT under the internationally recognized ISAE 3000 standard for over 10 years. 

View more

Proven performance on similar projects

We have performed numerous SWIFT security assessments worldwide, with a proven approach and understanding of how to ensure SWIFT infrastructure security while maintaining functionality. 

View more

Technical expertise and knowledge base

We are the only ‘Big-4’ firm with a professional Certified Cyber Security Consultancy certificate from the NCSC. We are unique in our ability to leverage threat intelligence to build and simulate realistic cyber-attack scenarios. 

View more

Adapting to your requirements

We will formulate and tailor an approach that suits your current and future business requirements with pragmatic insights and balanced views on how to prioritize any associated actions.

View more

Contact us

Martin Dolphin

Financial Services Cyber Security Director, Advisory, PwC US

Joseph Nocera

Cyber & Privacy Innovation Institute Leader, PwC US

Follow us